General
- Target: BoosterX.exe
- Size: 31.6MB
- Sample: 240518-rzbm3sgc55
- MD5: 4fbf426a08cc872e70da9a2d1370bafe
- SHA1: e55ce381f81f644aeebb0760abb2c25f1dcf7a3d
- SHA256: d51335c79bda0192cb99154d5885a3039e480d8f66f7c8e682560644a007e837
- SHA512: 2cd8d76f411db3e14d1d754989eebac85bf6680ecea9579676b93b3e880e4ccafa893c957eb2a34ff12aa6f55bb23e099e19a123074b762b7c05ce152b9bb4bd
- SSDEEP: 786432:YxghBYAEz1/SyAqmpMuJOe3wrgtXX3KMzbCqiiov9SKUMN7N8RSa/:YxgW1EqmpMuJDztXZOqmv7Ux
Static task: static1
Malware Config
Targets
- Target: BoosterX.exe
- Size: 31.6MB
Signatures
- Modifies boot configuration data using bcdedit
- Possible privilege escalation attempt
- Modifies file permissions
- Looks up external IP address via web service
  Uses a legitimate IP lookup service to find the infected system's external IP.
- Checks computer location settings
  Looks up the country code configured in the registry, likely a geofence check.
MITRE ATT&CK Matrix (ATT&CK v13)
Defense Evasion
- Modify Registry (2)
- Impair Defenses (1)
  - Disable or Modify Tools (1)
- File and Directory Permissions Modification (1)
- Subvert Trust Controls (1)
  - Install Root Certificate (1)